开源软件名称(OpenSource Name):wearemolecule/route53-kubernetes开源软件地址(OpenSource Url):https://github.com/wearemolecule/route53-kubernetes开源编程语言(OpenSource Language):Go 97.6%开源软件介绍(OpenSource Introduction):DEPRECATEDThis repo has been officially deprecated in favor of the https://github.com/kubernetes-incubator/external-dns addon. That addon offers a lot more features, better performance, and a compatibility mode for current users of route53-kubernetes. See compatibility mode docs here. Kubernetes => Route53 Mapping ServiceThis is a Kubernetes service that polls services (in all namespaces) that are configured
with the label Usageroute53-kubernetes ReplicationControllerThe following is an example ReplicationController definition for route53-kubernetes: Create the ReplicationController via Note: We don't currently sign our docker images. So, please use our images at your own risk. apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: route53-kubernetes
namespace: kube-system
labels:
app: route53-kubernetes
spec:
replicas: 1
template:
metadata:
labels:
app: route53-kubernetes
spec:
containers:
- image: quay.io/molecule/route53-kubernetes:v1.3.0
name: route53-kubernetes This service expects that it's running on a Kubernetes node on AWS and that the IAM profile for that node is set up to allow the following, along with the default permissions needed by Kubernetes: {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "route53:ListHostedZonesByName",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "elasticloadbalancing:DescribeLoadBalancers",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "route53:ChangeResourceRecordSets",
"Resource": "*"
}
]
} Service ConfigurationGiven the following Kubernetes service definition: apiVersion: v1
kind: Service
metadata:
name: my-app
labels:
app: my-app
role: web
dns: route53
annotations:
domainName: "test.mydomain.com"
spec:
selector:
app: my-app
role: web
ports:
- name: web
port: 80
protocol: TCP
targetPort: web
- name: web-ssl
port: 443
protocol: TCP
targetPort: web-ssl
type: LoadBalancer An "A" record for Alternative setupThis setup shows some alternative ways to configure route53-kubernetes. First, you can specify kubernetes certs manually if you do not have service accounts enabled. Second, access to AWS can be configured through a Shared Credentials File. apiVersion: v1
kind: ReplicationController
metadata:
name: route53-kubernetes
namespace: kube-system
labels:
app: route53-kubernetes
spec:
replicas: 1
selector:
app: route53-kubernetes
template:
metadata:
labels:
app: route53-kubernetes
spec:
volumes:
- name: ssl-cert
secret:
secretName: kube-ssl
- name: aws-creds
secret:
secretName: aws-creds
containers:
- image: quay.io/molecule/route53-kubernetes:v1.3.0
name: route53-kubernetes
volumeMounts:
- name: ssl-cert
mountPath: /opt/certs
readOnly: true
- name: aws-creds
mountPath: /opt/creds
readOnly: true
env:
- name: "CA_FILE_PATH"
value: "/opt/certs/ca.pem"
- name: "CERT_FILE_PATH"
value: "/opt/certs/cert.pem"
- name: "KEY_FILE_PATH"
value: "/opt/certs/key.pem"
- name: "AWS_SHARED_CREDENTIALS_FILE"
value: "/opt/creds/credentials" Building locallyInstall dependenciesWe use glide to manage dependencies. To fetch the dependencies to your local glide install -v Build the ImageYou may choose to use Docker images for route53-kubernetes on our Quay namespace or to build the binary, docker image, and push the docker image from scratch. See the Makefile for more information on doing this process manually. |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论